Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I gave someone remote access, am I infected?


  • Please log in to reply
3 replies to this topic

#1 JimSid

JimSid

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 03 April 2013 - 08:38 AM

Boy do I feel stupid, I was having trouble with figuring out my new outlook email. I got frustrated looking online for information and called what I thought was a Microsoft tech help ctr. The person on the phone told me she would connect me with a tech. thru a chat window at chat123.us. I proceeded to follow prompts and began chat with the tech. the tech stated I was probably infected with third party spyware and my email was hacked.During the process the tech asked to check some things. she pulled up a command prompt window and started looking at my ip address, she also got my start-up window open. When done she said I was infected and showed me where. She said she could fix for a fee. Already suspicious I declined and logged off. I ran my avira free antivirus and it came up clean and my computer seems to be ok but I fear I may have compromized my system. What now?
Thank you, Jim


Edited by hamluis, 03 April 2013 - 09:15 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 5,556 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:38 AM

Posted 03 April 2013 - 10:26 AM

From what I've read online that chat123.us uses LogMeIn Rescue to remotely connect to your

computer.

 

Link to LogMeIn: How LogMeIn Rescue Works: Remote Computer Support Solution | LogMeIn Rescue

 

QUOTE: With the customer's permission, this small .exe file automatically downloads to the remote PC. It's the interface through which technicians communicate with Customers and conduct remote support. The applet automatically removes itself from the remote PC at session conclusion.

The applet provides remote Customers with:

  • Interactive Chat and detailed Session History
  • Prompts to permit or deny technician access to all functions
  • File Transfer to the technician
  • Ability to stop Remote Control or disconnect at any time

You could do a search for LogMeIn on your computer to verify that it is no longer installed.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”
Lawrence M. Krauss


#3 JimSid

JimSid
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:08 AM

Posted 04 April 2013 - 08:32 AM

Thank you for the info. Logmein seems to be a legit company but I am concerned that they thought I was infected with something that my antivirus could not find. I did a search on my computer and found a pf file named SUPPORT-LOGMEINRESCUE[1].EXE-38418A4B.pf in my C:\WINDOWS\Prefetch. Should I delete it?

 

Thanks again



#4 buddy215

buddy215

  • BC Advisor
  • 5,556 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:03:38 AM

Posted 04 April 2013 - 09:03 AM

You can clean up the prefetch/ temporary files using Disk Cleanup or programs

such as Ccleaner and BleachBit or manually delete them. All free. Just be sure if you

choose Ccleaner that you not allow Yahoo Toolbar or some other program other than Ccleaner to install.

 

Some of the scammers that are allowed remote access to computers will lock up the

computer until they get paid. Good that that did not happen in your case.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”
Lawrence M. Krauss





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users